Docs

Application Usage

COMING SOON

FAQ

How is MACAT licensed?

MACAT is mostly free (as in gratis) to use, but it is not currently Open-Source Software. I'm considering eventual Fair Source Licensing (delayed open source), but it may stay proprietary.

MACAT has some licensing restrictions and may not be used for Cybersecurity Consulting. Read the EULA carefully before use.

Is there a slack or discord channel?

Yes, there's a Discord channel available here: https://discord.gg/MUB7fdRK46

How are you tracking issues?

I've started a github page here for issue tracking and examples of planned external open source content: https://github.com/thebleucheese/macat-ext. Discord works too.

If I add a Windows Defender/EDR block exception for MACAT, how does it help me test my Defenses?

Review your EDR and put it in detect-only mode - sometimes called "Detection Mode", "Audit Mode", or "Passive Mode".

Even with an exception, your EDR should still capture system logging and telemetry for the commands that MACAT runs. The creation of scheduled tasks, addition of registry keys, or the use of the Windows API should trigger logging that makes its way to your central log aggregator, typically a SIEM.

This information should be enough to determine if a block would have occurred or alerts were triggered for an activity.